<?php
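	// Multi-language prototype.
	session_start();

	// Authentication gate for this action handler. header() only queues the
	// redirect; without stopping here the rest of the script (including the
	// DELETE/INSERT/UPDATE statements further down) would still execute for a
	// visitor who has no login session.
	if (!isset($_SESSION['sesi_login'])) {
		header("Location:../../index.php");
		exit;
	}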
	
	// Shared bootstrap: include these files in every module that is created.
	// Switch to the directory two levels up; "@" hides any chdir() failure, in
	// which case getcwd() below still reports the previous working directory.
	@chdir("../../");
	// ABS_URL is the current working directory with backslashes turned into
	// forward slashes; every require below is resolved against it.
	define('ABS_URL',str_replace("\\","/",getcwd()));
	require ABS_URL.'/engine/Smarty.class.php';
	require ABS_URL."/functions/class.query.inc.php";
	$smarty = new Smarty();
	// NOTE(review): the mysql_* calls later in this script pass no link argument,
	// so the connection is presumably opened in dev_con.inc.php — confirm.
	require ABS_URL."/dev_con.inc.php";
	require ABS_URL."/functions/func_file.php";
	$queryData = new queryData();
	$queryData->baseConfig();
	require ABS_URL."/functions/func_content.php";
	// NOTE(review): BASE_LANGUAGE is not defined in this file, and both paths
	// below are built from it. Confirm it can only hold a fixed language code
	// and is never taken from request data, since it selects a file to require.
	require ABS_URL."/langs/".BASE_LANGUAGE.'.inc.php';
	require $queryData->get_curr_dir(dirname(__FILE__))."/langs/".BASE_LANGUAGE.'.inc.php';
	//-------------------------------------------------------
	// Request-derived constants referenced by this module (presumably defined by
	// one of the includes above — confirm where, and how they are validated):
	//ACT = $_GET['act'];
	//SHOW = $_GET['show'];
	//SHOWVIEW = $_GET['showview'];
	//ACT_VER = $_GET['act_ver'];

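	// Absolute-URL prefix of this host; it is stripped from the banner URL below.
	// HTTP_HOST is supplied by the client, so it is used for this string
	// replacement only and must not be trusted for anything else.
	$arr1 = array("http://".(isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '')."/");
	$path = array('');

	// Read the form fields defensively: a missing key or an array value
	// (e.g. "judul[]=x") becomes ''. The original indexed $_POST directly, which
	// raised notices/warnings; with display_errors on, that output is sent before
	// the final header() call and can break the redirect.
	$form_post = array();
	foreach (array('judul','header_c','upbanner','type','isi','publish') as $kunci) {
		$form_post[$kunci] = (isset($_POST[$kunci]) && is_string($_POST[$kunci])) ? $_POST[$kunci] : '';
	}

	$judul = trim($form_post['judul']);
	// The header is stored as plain text: tags are removed, then HTML-encoded.
	// This is output encoding only; it does not make the value safe to place
	// inside an SQL string literal.
	$header_c = htmlspecialchars(strip_tags(trim($form_post['header_c'])));
	$upbanner = trim($form_post['upbanner']);
	$tanggal = date("Y-m-d-H-i-s");
	$tipe = $form_post['type'];
	$isi = trim($form_post['isi']);
	$author = isset($_SESSION['author']) ? strtolower($_SESSION['author']) : '';

	// Publishing requires both the "ya" flag from the form and a root session;
	// every other combination is saved unpublished (status 0).
	$status = (isset($_SESSION['isroot']) && $form_post['publish'] === "ya") ? 1 : 0;

	// Banner path: drop the host prefix, then derive the file details.
	// NOTE(review): $upbanner is client-supplied and reaches file_info() and
	// file_ext() with only the host prefix removed, so it may contain ".."
	// segments. Only $aext is consumed afterwards (extension validation);
	// $size, $filename and $dirname are not read again in this script. Consider
	// restricting the path to the upload directory before touching the
	// filesystem, and confirm the '../../' prefix is still intended after the
	// chdir("../../") done during bootstrap.
	$upbanner = str_replace($arr1,$path,$upbanner);
	$info1 = pathinfo($upbanner);
	$info2 = file_info('../../'.$upbanner);
	$size = isset($info2['size']) ? $info2['size'] : null;
	// pathinfo() omits 'extension' when the name has none.
	$filename = basename($upbanner,'.'.(isset($info1['extension']) ? $info1['extension'] : ''));
	$aext = strtolower(file_ext($upbanner));
	$dirname = dirname($upbanner)."/";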
	
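	/**
	 * Escape a value for embedding inside a single-quoted SQL string literal.
	 *
	 * Uses the legacy mysql extension, like every other query in this script, and
	 * therefore relies on the connection that is already open.
	 * NOTE(review): escaping is only reliable when the connection character set
	 * was set through the driver — confirm how the connection include does it.
	 *
	 * @param mixed $nilai        Value to embed; non-scalar values become ''.
	 * @param bool  $dari_request True when the value originates from $_GET/$_POST,
	 *                            so slashes added by magic_quotes_gpc (where that
	 *                            setting is on) are removed before escaping and
	 *                            the stored text is not double-escaped.
	 * @return string Escaped text, without the surrounding quotes.
	 */
	function content_sql_escape($nilai, $dari_request = false)
	{
		if (!is_scalar($nilai)) {
			return '';
		}
		$nilai = (string) $nilai;
		if ($dari_request && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
			$nilai = stripslashes($nilai);
		}
		return mysql_real_escape_string($nilai);
	}

	/**
	 * Save the custom "post" field values submitted with the form for one
	 * content row: one x_fieldvalue row per x_field definition, inserted when
	 * missing and updated otherwise.
	 *
	 * @param object $queryData Project query helper (selek1() is used for the lookup).
	 * @param int    $id_konten Id of the tbl_content row the values belong to.
	 * @return void
	 */
	function content_simpan_field_post($queryData, $id_konten)
	{
		$id_konten = (int) $id_konten;
		$qryQ = mysql_query("SELECT * FROM x_field WHERE tipe='post'");
		if (!$qryQ) {
			return;
		}
		while ($rowQ = mysql_fetch_object($qryQ)) {
			// The form control name is the field name in lower case with spaces
			// and slashes replaced by underscores.
			$name_form = str_replace(array(" ","/"),array("_","_"),strtolower($rowQ->fieldname));
			// The field name comes from the database and the value from the
			// request; both are escaped before being concatenated into SQL.
			$nama_sql = content_sql_escape($name_form);
			$nilai_sql = content_sql_escape(isset($_POST[$name_form]) ? $_POST[$name_form] : '', true);
			$rowS = $queryData->selek1("x_fieldvalue","`tipe`='post' AND `fieldname`='".$nama_sql."' AND id_user='".$id_konten."'");

			if (!is_object($rowS) || $rowS->id_user=="") {
				$sqlD = "INSERT INTO x_fieldvalue VALUES(NULL,'post','".$nama_sql."','".$nilai_sql."','".$id_konten."')";
			} else {
				$sqlD = "UPDATE x_fieldvalue SET fieldvalue='".$nilai_sql."' WHERE `tipe`='post' AND `fieldname`='".$nama_sql."' AND id_user='".$id_konten."'";
			}
			mysql_query($sqlD);
		}
	}

	// Redirect target when act_ver matches none of the branches below.
	$act = '';

	// NOTE(review): no anti-CSRF token is checked anywhere in this script, and
	// the delete id is read from $_GET. Confirm whether an include performs that
	// check; state-changing actions should require POST plus a per-session token.
	// NOTE(review): within this file only the publish flag depends on
	// $_SESSION['isroot']; delete and edit are not limited by author or role
	// here — confirm that every logged-in user is meant to have them.
	// NOTE(review): the raw TAGNAME value is handed to tagCloud() unchanged;
	// verify that method escapes it before building SQL.
	$tag_name = isset($_POST['TAGNAME']) ? $_POST['TAGNAME'] : null;

	if (strtolower(ACT_VER)=="hapus") {
		// The id is forced to an integer, so it is safe to concatenate.
		$kode = isset($_GET['kode']) ? (int) $_GET['kode'] : 0;
		$sql = "DELETE FROM tbl_content WHERE idx='".$kode."'";
		$qry = mysql_query($sql);
		$queryData->tagCloud('hapus',$tag_name,'tag','TAGNAME',$kode);
		$_SESSION['sesi_ver'] = ($qry) ? $queryData->cekAksi($kode,'delete') : '';
		$act = 'lihat';
	} else {
		// Inputs for the PHP-side data check (see change_log.txt): values,
		// the rule applied to each, and the message shown when a rule fails.
		$a = array($judul,$header_c,$isi,$aext);
		$b = array('empty','empty','empty','fileImage');
		$c = array($NEWS_TITLE,$NEWS_HEADER,$NEWS_CONTENT,$NEWS_FAILED_EXTENSION);

		// SQL-ready copies. The title, body and type arrive from the form with
		// no SQL escaping at all, and the header is only HTML-encoded, so the
		// statements below must never be built from the raw variables.
		$judul_sql = content_sql_escape($judul, true);
		$header_sql = content_sql_escape($header_c, true);
		$isi_sql = content_sql_escape($isi, true);
		$tipe_sql = content_sql_escape($tipe, true);
		$author_sql = content_sql_escape($author);
		$tanggal_sql = content_sql_escape($tanggal);
		$status_sql = (int) $status;

		$act_ver = (isset($_POST['act_ver']) && is_string($_POST['act_ver'])) ? strtolower($_POST['act_ver']) : '';
		switch ($act_ver) {
			case "input" :
				// PHP-side data check (see change_log.txt).
				$result = $queryData->NotificationCheck($a,$b,$c);
				if (empty($result)) {
					$sql = "INSERT INTO tbl_content VALUES(NULL,'".$judul_sql."','".$header_sql."','".$isi_sql."','".$author_sql."','".$tanggal_sql."','".$tipe_sql."','".$status_sql."')";
					$qry = mysql_query($sql);
					if ($qry) {
						// Id generated by the INSERT above on this connection.
						// Tags and custom fields are written only when the INSERT
						// succeeded; otherwise they would be attached to the id
						// of an unrelated, earlier row.
						$iduser = (int) mysql_insert_id();
						$queryData->tagCloud('input',$tag_name,'tag','TAGNAME',$iduser);
						content_simpan_field_post($queryData, $iduser);
						// cekAksi builds the message for the performed action (see change_log.txt).
						$_SESSION['sesi_ver'] = $queryData->cekAksi($judul,'add');
					} else {
						$_SESSION['sesi_ver'] = '';
					}
					$act = 'lihat';
				} else {
					// Message text comes from the language files.
					$_SESSION['sesi_ver'] = $DEV_ACTION_NOTIFICATION;
					foreach($result as $data) {
						$_SESSION['sesi_ver'] .= '<br />- '.$data;
					}
					$act = 'tambah';
				}
			break;
			case "edit" :
				$kode = isset($_POST['kode']) ? (int) $_POST['kode'] : 0;
				$result = $queryData->NotificationCheck($a,$b,$c);
				if (empty($result)) {
					$sql = "UPDATE tbl_content SET judul='".$judul_sql."', header_c='".$header_sql."', isi='".$isi_sql."', status='".$status_sql."', tipe='".$tipe_sql."' WHERE idx='".$kode."'";
					$qry = mysql_query($sql);
					// Tag cloud
					$queryData->tagCloud('edit',$tag_name,'tag','TAGNAME',$kode);
					// Custom fields (thumbnails)
					content_simpan_field_post($queryData, $kode);

					$_SESSION['sesi_ver'] = $queryData->cekAksi($judul,'edit');
					$act = 'lihat';
				} else {
					$_SESSION['sesi_ver'] = $DEV_ACTION_NOTIFICATION;
					foreach($result as $data) {
						$_SESSION['sesi_ver'] .= '<br />- '.$data;
					}
					$act = 'edit&kode='.$kode;
				}
			break;
		}
	}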
	
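	// $act is left unset when none of the action branches above assigned it;
	// reading it directly would raise a notice, and notice output sent before
	// header() can prevent the redirect. Fall back to an empty action instead.
	$tujuan_act = isset($act) ? $act : '';

	// NOTE(review): SHOW and SHOWVIEW are not defined in this file and are placed
	// into the Location header as-is — confirm they are limited to expected view
	// names (or URL-encoded) where they are defined.
	if (isset($_SESSION['sesi_login'])) {
		header('Location:../../?show='.SHOW.'&showview='.SHOWVIEW.'&act='.$tujuan_act.'&limitdown=0');
	} else {
		header("Location:../../index.php");
	}
	// Nothing may run or be printed after the redirect has been queued.
	exit;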
?>